- NIST Cybersecurity Framework (NIST CSF): a set of guidelines for mitigating organizational cybersecurity risks, based on existing standards, guidelines, and practices.
- NIST Special Publication 800-53 (NIST 800-53): a catalog of security and privacy controls for all U.S. federal information systems except those related to national security.
- Some are publicly available, but read the license agreement
- ISO/IEC 27001: requirements for establishing, implementing, maintaining and continually improving an information security management system (ISMS)
- ISO/IEC 27002: information security practices
- ISO/IEC 27003: implementing an ISMS
- ISO/IEC 27004: metrics
- ISO/IEC 27005: risk management
- ISO/IEC 27007: auditing
- ISO/IEC 27008: auditor guidance
- ISO/IEC 27014: governance
- ISO/IEC 27031: business continuity
- ISO/IEC 27032: cybersecurity
- ISO/IEC 27033: network security
- ISO/IEC 27034: application security
- ISO/IEC 27035: incident management
- ISO/IEC 27037: digital forensics
- ISO/IEC 27015: financial sector
- ISO/IEC 27799: health sector
- ISO/IEC 21827: Capability Maturity Model